Add mccarthy as admin web server and mail node

[hcoop/domtool2.git] / openssl / openssl_sml.c

diff --git a/openssl/openssl_sml.c b/openssl/openssl_sml.c
index 201d816..0ce16d2 100644 (file)
--- a/openssl/openssl_sml.c
+++ b/openssl/openssl_sml.c
@@ -24,6 +24,10 @@ int OpenSSL_SML_get_error() {
   return ERR_get_error();
 }
 
+int OpenSSL_SML_should_retry(BIO *b) {
+  return BIO_should_retry(b);
+}
+
 const char *OpenSSL_SML_lib_error_string(int err) {
   return ERR_lib_error_string(err);
 }
@@ -48,10 +52,6 @@ BIO *OpenSSL_SML_new_connect(char *addr) {
   return BIO_new_connect(addr);
 }
 
-BIO *OpenSSL_SML_new_accept(char *addr) {
-  return BIO_new_accept(addr);
-}
-
 void OpenSSL_SML_free_all(BIO *b) {
   BIO_free_all(b);
 }
@@ -64,11 +64,17 @@ int OpenSSL_SML_do_accept(BIO *b) {
   return BIO_do_accept(b);
 }
 
+int OpenSSL_SML_do_handshake(BIO *b) {
+  return BIO_do_handshake(b);
+}
+
 SSL_CTX *OpenSSL_SML_CTX_new(SSL_METHOD *meth) {
   SSL_CTX *ctx = SSL_CTX_new(meth);
   SSL_CTX_set_verify(ctx,
                     SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
                     0);
+  SSL_CTX_set_verify_depth(ctx,
+                          2);
   return ctx;
 }
 
@@ -94,6 +100,24 @@ BIO *OpenSSL_SML_new_ssl_connect(SSL_CTX *ctx) {
   return bio;
 }
 
+BIO *OpenSSL_SML_new_ssl(SSL_CTX *ctx) {
+  BIO *bio = BIO_new_ssl_connect(ctx);
+  SSL *ssl;
+
+  BIO_get_ssl(bio, &ssl);
+  SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+  return bio;
+}
+
+BIO *OpenSSL_SML_new_accept(SSL_CTX *ctx, char *port) {
+  BIO *sbio = BIO_new_ssl(ctx, 0);
+  BIO *acpt = BIO_new_accept(port);
+
+  BIO_set_accept_bios(acpt, sbio);
+
+  return acpt;
+}
 
 SSL *OpenSSL_SML_get_ssl(BIO *bio) {
   SSL *ssl;
@@ -160,6 +184,7 @@ void OpenSSL_SML_shutdown(int sock) {
 void OpenSSL_SML_SSL_set_bio(SSL *ssl, BIO *b1, BIO *b2) {
   SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
   SSL_set_bio(ssl, b1, b2);
+  BIO_set_ssl(b1, ssl, BIO_NOCLOSE);
 }
 
 int OpenSSL_SML_use_PrivateKey_file(SSL_CTX *ctx, char *keyfile) {
@@ -177,21 +202,16 @@ int OpenSSL_SML_use_certificate_chain_file(SSL_CTX *ctx, char *keyfile) {
                                            keyfile);
 }
 
-static unsigned char subject[] = "Subject";
-
 const char *OpenSSL_SML_get_peer_name(SSL *ssl) {
   X509 *x = SSL_get_peer_certificate(ssl);
-  unsigned char *name = subject;
-  X509_NAME *nm;
 
   if (x) {
     X509_NAME *name = X509_get_subject_name(x);
 
     if (name) {
-      unsigned char *out;
       X509_NAME_ENTRY *ne;
 
-      ne = X509_NAME_get_entry(name, 3);
+      ne = X509_NAME_get_entry(name, 0);
 
       if (ne) {
        ASN1_STRING *s = X509_NAME_ENTRY_get_data(ne);
@@ -204,10 +224,28 @@ const char *OpenSSL_SML_get_peer_name(SSL *ssl) {
          ret[M_ASN1_STRING_length(s)] = 0;
          return ret;
        }
-      } else
+      } else {
+       printf("Null entry\n");
        return NULL;
-    } else
+      }
+    } else {
+      printf("Null name\n");
       return NULL;
-  } else
+    }
+  } else {
+    printf("Null certificate\n");
     return NULL;
+  }
+}
+
+BIO *OpenSSL_SML_pop(BIO *b) {
+  return BIO_pop(b);
+}
+
+BIO *OpenSSL_SML_next(BIO *b) {
+  return BIO_next(b);
+}
+
+int OpenSSL_SML_puts(BIO *b, const char *buf) {
+  return BIO_puts(b, buf);
 }